BIND 8.2.2 (notify): not ready for servers with multiple IP-adresses

Markus Stumpf maex-bind-users at Space.Net
Thu Nov 11 05:16:36 UTC 1999


On Thu, Nov 11, 1999 at 03:25:15AM +0100, Xuan Baldauf wrote:
> I think that this is a bug, because the slave does not know without
> further help by
> the administrator which ip addresses the master for a domain has besides
> the ones in
> the NS entries.

The bug is in your setup.
Configure your secondaries with master entries pointing to the IP the
the primary uses to send the notifies and it will work, regardless
what the NS zone records show. This however assumes that the primary
will also honor AXFR requests from the secondaries on that IP.

You could also do a small patch to the bind code to allow every IP
to send notifies. Last time I checked it was a three liner or so.
However such a patch will probably make you open to DoS attacks
very easily.
I thought of adding a "allow-notify" option, but solved it with the
above setup, as that was the quicker and IMHO cleaner solution.

	\Maex

-- 
SpaceNet GmbH             |   http://www.Space.Net/   | Yeah, yo mama dresses
Research & Development    | mailto:maex-sig at Space.Net | you funny and you need
Joseph-Dollinger-Bogen 14 |  Tel: +49 (89) 32356-0    | a mouse to delete files
D-80807 Muenchen          |  Fax: +49 (89) 32356-299  |


More information about the bind-users mailing list